From the course: Cisco Network Security: Intrusion Detection and Prevention
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Monitoring the network - Cisco Routers Tutorial
From the course: Cisco Network Security: Intrusion Detection and Prevention
Monitoring the network
- [Instructor] Intrusion detection systems monitor the network for unusual or suspicious activity. The system is constantly vigilant for an attack signature. Database compromise has affected over 2.5 billion as we see in this infographic. We can take a look and see data records compromised in 2017. We take a look a little farther down and you can see the number of breach incidents by type, by source, and down below, by industry. You see it's a level playing field. Anyone can be affected. Therefore, any evidence of data exfiltration or compromise is carefully monitored. Intrusion detection systems also are tuned to recognize virus, worms, Trojans, and bot activity. Intrusion detection systems also monitor for web attacks, such as SQL injection attacks, cross-site scripting, and denial-of-service attacks. The Cisco intrusion detection system sensors can use four types of signature triggers, pattern-based detection, anomaly-based detection, policy-based detection, and honeypot-based…